tftpd Permission Denied?
- FOG Version: 1.4.4
- OS: Fedora 26
- Service Version:
I have DHCP settings configured but I am having issues getting tftpd working. I have disabled SELinux and the firewall to get those possibilities out of the mix. I have gotten to trying to just use a command-line tftp client to transfer files. Every time I try I get the message:
Error code 0: Permission denied
I get that Permission denied message even when I try to “get” a file name that doesn’t exist.
I’m wondering what the next step to try would be.
Any insight would be appreciated.
@george1421 After a lengthy IM session we discovered that their dhcp server wasn’t sending out the boot-file and next-server values properly in the ethernet header. There were dhcp options 66 and 67 being set. This particular pxe booting client was only looking at the ethernet header for the boot server info. Once the OP updated his dhcp server the target computer booted correctly into the FOG iPXE menu.
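An added example, not part of the original posts or of FOG: a small Python check that reads a DHCP reply's UDP payload and reports whether the boot server and file name appear in the fixed BOOTP header fields (`siaddr` and `file`), in options 66 and 67, or in both. The function names, the 192.0.2.10 address and the sample replies are constructed for illustration.

```python
import socket

MAGIC_COOKIE = b"\x63\x82\x53\x63"  # marks the start of the DHCP options area

def parse_boot_info(payload: bytes) -> dict:
    """Pull PXE boot info from a DHCP reply (UDP payload, no IP/UDP headers)."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    siaddr = socket.inet_ntoa(payload[20:24])            # header: next-server
    file_field = payload[108:236].split(b"\x00", 1)[0]   # header: boot-file
    options, i = {}, 240
    while i < len(payload) and payload[i] != 255:        # 255 = end option
        if payload[i] == 0:                              # 0 = pad, no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            break                                        # truncated option
        length = payload[i + 1]
        options[payload[i]] = payload[i + 2:i + 2 + length]
        i += 2 + length
    # Option 52 bit 0 set means the file field holds options, not a file name.
    overload = (options.get(52) or b"\x00")[0]
    text = lambda b: b.rstrip(b"\x00").decode("ascii", "replace") or None
    return {
        "next_server": None if siaddr == "0.0.0.0" else siaddr,
        "boot_file": None if overload & 1 else text(file_field),
        "option_66": text(options.get(66, b"")),
        "option_67": text(options.get(67, b"")),
    }

def classify(info: dict) -> str:
    """Say where a PXE client could find its boot server and file."""
    header = bool(info["next_server"] and info["boot_file"])
    opts = bool(info["option_66"] and info["option_67"])
    return {(True, True): "both", (True, False): "header-only",
            (False, True): "options-only", (False, False): "none"}[(header, opts)]

def build_reply(siaddr="0.0.0.0", boot_file=b"", opts=()):
    """Constructed sample reply for the demo; not taken from the thread's pcap."""
    hdr = bytearray(236)
    hdr[0] = 2                                           # op = BOOTREPLY
    hdr[20:24] = socket.inet_aton(siaddr)
    hdr[108:108 + len(boot_file)] = boot_file
    body = b"".join(bytes([c, len(v)]) + v for c, v in opts)
    return bytes(hdr) + MAGIC_COOKIE + body + b"\xff"

if __name__ == "__main__":
    pxe = [(66, b"192.0.2.10"), (67, b"undionly.kpxe")]  # constructed values
    print(classify(parse_boot_info(build_reply(opts=pxe))))
    print(classify(parse_boot_info(build_reply("192.0.2.10", b"undionly.kpxe", pxe))))
```

A reply that classifies as "options-only" matches the situation described in the post: options 66 and 67 are present, but a client that reads only the header fields finds no boot server.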
@george1421 Update from IM: The pcap doesn’t reflect what the OP is trying to boot. The OP is trying to boot a lenovo with an intel nic, and the pcap shows an apple trying to boot.
I’m going to send you a message via IM; look at the talk bubble at the top of the fog forum tool tray.
@musat We’re booting an apple computer here?
As another test, I booted the test client laptop into Windows and successfully tftp’d the undionly.kpxe from the fog server. So network-wise everything looks correct.
@Sebastian-Roth I remembered that a while ago we got a 10/100 monitoring hub specifically for this task. And I was actually able to find it, right where I thought it should be. Amazing.
I put the captured content at: output.pcap
From my quick viewing of the output, the DHCP process completed properly, sending the correct values for option 66 and 67. However, there is no tftp traffic. I ran the capture again adding the “or host <fog ip address> or host <client ip address>” (since it always gets the same one), but got no additional packets.
Hopefully this tells you something. I’m guessing that this is a client NIC issue.
Thanks, I’ll see what I can do. The issue being that the Fog server and my DHCP server are in the same VLAN, but my booting client is in a separate VLAN. I have the helper address configured as we’ve needed for DHCP to function. So with that DHCP stops being a broadcast and gets directed to the DHCP server, so the Fog server won’t see them. I think I have an old 3Com 10Mbps dumb hub here that I could plug the client in through to capture the traffic. Will need to do some scrounging though.
If you think you have dhcp set up correctly, and your fog server, dhcp server and pxe booting client are on the same subnet, follow these instructions: https://forums.fogproject.org/topic/9673/when-dhcp-pxe-booting-process-goes-bad-and-you-have-no-clue
Upload the pcap to a google drive or dropbox. Then either post the link here or send it to me via IM and I’ll take a look at what is going down the wire.
Thank you for the response. At the end of the day yesterday with getting nowhere I decided to rebuild the server, since it was new anyway. I rebuilt it using CentOS and the TFTP is transferring properly now. I am able to connect from several different computers and “get” files from the Fog tftpd.
Now I need to get the DHCP PXE boot figured out. Using http://blog.thecybershadow.net/2013/01/10/dhcp-test-client/ I see that the DHCP server is passing the proper data for options 66 and 67. However I still am getting a “TFTP open timeout” error on my PXE clients. They are all old (2010 or older) Lenovo laptops with Intel gigabit Ethernet NICs onboard. I am going to see if there is a firmware update that might help.
I might be posting again to see about getting this figured out, but I’ve got a few things I need to try before getting to that.
Thanks again for the response,
@musat What do you get from those commands?
sudo ls -al /tftpboot
...
sudo netstat -antup | grep 69
...
sudo iptables -L -n -v
...